amazondeals.services
74.14.95.100
Malicious Activity!
Public Scan
Submission: On January 19 via manual from CA — Scanned from ES
Summary
TLS certificate: Issued by R3 on January 18th 2023. Valid for: 3 months.
This is the only time amazondeals.services was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
15 | 74.14.95.100 | 577 (BACOM) |
7 | 3.211.206.112 | 14618 (AMAZON-AES) |
2 | 2600:9000:211e:d200:1d:d7f6:39d2:2dc1 | 16509 (AMAZON-02) |
1 | 2600:9000:214f:7600:3:12d0:8d40:21 | 16509 (AMAZON-02) |
1 | 52.46.136.110 | 16509 (AMAZON-02) |
26 | 5 | |
ASN577 (BACOM, CA)
PTR: bras-base-mrhmon2409w-grc-57-74-14-95-100.dsl.bell.ca
amazondeals.services |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-206-112.compute-1.amazonaws.com
fls-na.amazon.com |
ASN16509 (AMAZON-02, US)
images-na.ssl-images-amazon.com |
ASN16509 (AMAZON-02, US)
d35uxhjf90umnp.cloudfront.net |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | amazondeals.services | amazondeals.services | 369 KB |
7 | amazon.com | fls-na.amazon.com (Cisco Umbrella Rank: 1240) | 1 KB |
2 | ssl-images-amazon.com | images-na.ssl-images-amazon.com (Cisco Umbrella Rank: 796) | 107 KB |
1 | amazon.ca | unagi.amazon.ca (Cisco Umbrella Rank: 28914) | 401 B |
1 | cloudfront.net | d35uxhjf90umnp.cloudfront.net | 12 KB |
26 | 5 | | |
 | Domain | Requested by |
---|---|---|
15 | amazondeals.services | amazondeals.services |
7 | fls-na.amazon.com | amazondeals.services |
2 | images-na.ssl-images-amazon.com | amazondeals.services |
1 | unagi.amazon.ca | amazondeals.services |
1 | d35uxhjf90umnp.cloudfront.net | amazondeals.services |
26 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.ca |
Subject | Issuer | Validity | Valid |
---|---|---|---|
amazondeals.services | R3 | 2023-01-18 - 2023-04-18 | 3 months |
fls-na.amazon.com | Amazon | 2022-08-23 - 2023-08-22 | a year |
images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2022-10-26 - 2023-10-14 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year |
unagi-na.amazon.com | Amazon | 2022-08-22 - 2023-08-21 | a year |
This page contains 1 frames:
Primary Page:
https://amazondeals.services/ca/signin.html
Frame ID: 1C402C269B45E257977C179A72BC8BA0
Requests: 26 HTTP requests in this frame
7 Outgoing links
These are links going to different origins than the main page.
Title: Conditions of Use
Title: Privacy Notice
Title: Conditions of Use
Title: Privacy Notice
Title: Help
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | signin.html (Primary Request) | amazondeals.services/ca/ | 129 KB | 54 KB | Document | text/html |
GET | H2 | 61g-kxL8QTL._RC_11Fd9tJOdtL.css%2c11tfezETfFL.css%2c31Q3id-QR0L.css%2c31U9HrBLKmL.css_b1fc.css | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 131 KB | 27 KB | Stylesheet | text/css |
GET | H2 | 01SdjaY0ZsL._RC_31jdWD%2bJB%2bL.css%2c41HbnNS3IWL.css_7e0c.css | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 36 KB | 8 KB | Stylesheet | text/css |
GET | H2 | 11niB2yr5DLc8b6.css | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | A2EUQ1WTGCTBG2:134-6363263-5044435:F46ZPX4VN9KHVE13HSQN$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DF46ZPX4VN9KHVE13HSQN:0 | fls-na.amazon.com/1/batch/1/OP/ | 43 B | 150 B | Image | image/gif |
GET | H2 | AuthenticationPortalSigninNA.js | amazondeals.services/static.siege-amazon.com/prod/profiles/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | 61NeHXhGwSL._RC%7C11Y+5x+kkTL.js,51KMV3Cz2XL.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js | images-na.ssl-images-amazon.com/images/I/ | 310 KB | 84 KB | Script | application/x-javascript |
GET | H2 | 21ZMwVh4T0L._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,51MQ7-Fw85L.js_.js | images-na.ssl-images-amazon.com/images/I/ | 88 KB | 23 KB | Script | application/x-javascript |
GET | H2 | 01wGDSlxwdLf98e.js | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 521 B | 734 B | Script | application/javascript |
GET | H2 | 41iQIlqCHwLc8b6.js | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 18 KB | 7 KB | Script | application/javascript |
GET | H2 | 818jIy8T6BLf1d7.js | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 325 KB | 108 KB | Script | application/javascript |
GET | H2 | 31jdfgcsPAL5973.js | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 14 KB | 4 KB | Script | application/javascript |
GET | H2 | 71kn7f%2btS%2bLac85.js | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 253 KB | 79 KB | Script | application/javascript |
GET | H2 | 71JnhH4xn5La250.js | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 152 KB | 46 KB | Script | application/javascript |
GET | H2 | mPGmT0r6IeTyIee.png | amazondeals.services/m.media-amazon.com/images/S/sash/ | 27 KB | 28 KB | Image | image/png |
GET | H2 | showads.v2c1f1.js | amazondeals.services/m.media-amazon.com/images/G/01/csm/ | 23 B | 235 B | Fetch | application/javascript |
GET | H2 | index.js | d35uxhjf90umnp.cloudfront.net/ | 37 KB | 12 KB | Script | application/javascript |
GET | H2 | uedata | amazondeals.services/ap/ | 548 B | 548 B | Image | text/html |
GET | H2 | A2EUQ1WTGCTBG2:134-6363263-5044435:F46ZPX4VN9KHVE13HSQN$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.236781.0%26id%3DF46ZPX4VN9KHVE13HSQN%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3DF46Z... | fls-na.amazon.com/1/batch/1/OP/ | 43 B | 149 B | Image | image/gif |
GET | H2 | A2EUQ1WTGCTBG2:134-6363263-5044435:F46ZPX4VN9KHVE13HSQN$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.236781.0%26id%3DF46ZPX4VN9KHVE13HSQN%26sc0%3Daui%3Asw%3Appft%3Acallback_ricb%26bb0%3D309%26pc0%3D357%26l... | fls-na.amazon.com/1/batch/1/OP/ | 43 B | 148 B | Image | image/gif |
POST | H/1.1 | com.amazon.csm.csa.prod | unagi.amazon.ca/1/events/ | 2 B | 401 B | Ping | application/json |
GET | H2 | 31QYhx-taiL.js | amazondeals.services/images-na.ssl-images-amazon.com/images/I/ | 9 KB | 5 KB | Script | application/javascript |
POST | H2 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 165 B | Ping | text/plain |
POST | H2 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 165 B | Ping | text/plain |
POST | H2 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 165 B | Ping | text/plain |
POST | H2 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 165 B | Ping | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)
84 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontentvisibilityautostatechange number| ue_t0 object| ue_csm number| ue_hob string| ue_err_chan string| ue_id string| ue_url number| ue_navtiming string| ue_mid string| ue_sid string| ue_sn string| ue_furl string| ue_surl number| ue_int number| ue_fcsn number| ue_urt string| ue_rpl_ns number| ue_ddq string| ue_fpf number| ue_sbuimp number| ue_ibft number| ue_fnt number| ue_swi function| ue_viz number| ue_hoe number| ue_ihb object| ue function| ueLogError object| ue_err number| ueinit function| uei function| ueh function| ues function| uet function| uex function| onLd function| onLdEnd function| onUl function| onstop number| aPageStart number| ue_ihe function| csa object| app object| amzn function| cf object| metadataList object| input object| authenticationFormList number| index object| fwcimCmd boolean| acicActionType boolean| acicShouldSetup function| acicEventListener function| submitForm function| setAAToken function| getClientContext function| getEmailAddress function| isTestEmailPattern object| ue_mbl string| ue_pty string| ue_spty number| ue_adb number| ue_adb_rtla number| ue_wtc_c string| ue_aa_a number| ue_ibe function| _uess number| ue_fadb function| ue_isAdb object| ue_utils number| ue_unrt object| jQuery16408529523693560799 boolean| loginWithOTPState object| regeneratorRuntime object| SiegeCrypto number| ue_adb_chk function| setImmediate function| clearImmediate number| __fwcimLoaded object| fwcim object| pie object| ue_ext1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
amazondeals.services/ | | Name: csm-hit Value: tb:s-F46ZPX4VN9KHVE13HSQN\|1674130699667&t:1674130700289&adb:adblk_no |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.